Copyright Notice

Monday, June 27, 2016

I
have recently been intrigued by the idea of replacing the likes of
“Dropbox” and “Google Drive” with a cloud set-up of my own. I
had "Owncloud" set-up for nearly a year but was not happy
with it. There were minor niggles aside form speed and thumbnails and
then “Owncloud” had a recent split leading to creation of
“Nextcloud”.

While
“Nextcloud” is the one that is more aligned to the general
principles of community driven software, it is new and is still
plagued with owncloud issues as it is essentially same stuff in new
packaging at the moment.

In
the meantime, every now and then I was reading all the good stuff
people had to say about "Seafile" and so I wanted to give
it a try. Now for the past year and a half I have also been using
Fedora Security Lab spin on my home server and I just wanted to get
the Seafile set-up on it so I did a few “duckduckgo” searches on
the net and finally had the steps to achieve the objective. Obviously
it all worked and my Seafile server is live and kicking, hence the
post. :)

So
in nutshell my objective was to:

Install
seafile-server-5 behind nginx on Fedora 24 Security Lab spin all on a
32 bit 12 year old laptop.

The
steps I followed are listed below with detailed notes of what I did.
I do not claim these to be perfect but this is what worked for me. If
you know that something can be done better, please do let me know in
the comments.

1. Install required software to support seafile
with nginx:

python

python-imaging

MySQL-python

python-setuptools

nginx

mariadb

mariadb-server

policycoreutils-python

setroubleshoot

All
this can be done with one single command:

sudo dnf install python python-imaging MySQL-python python-setuptools

nginx mariadb mariadb-server policycoreutils-python setroubleshoot

2) Start mariadb-server and set up basic security
settings.

Now
as we need to run all commands with “sudo”, it is actually easier
to just go root. In other words, type "su" on the terminal
and provide your password so you are logged in as root on the
terminal. When you are logged in as root the $ changes to # at
command prompt. All commands below are on root so if you are not
logged in as root, you will need to run these with "sudo".

Start
mariadb:

[root@localhost /]# systemctl start mariadb

Initiate
the mariadb secure installation:

[root@localhost /]# mysql_secure_installation

Above
command will trigger a set of questions around port, username,
password etc. You can of course change these. If you do so, you must
keep note of it and change your specific details for database in
subsequent steps but if you leave it default you will basically have
a user: root, with a password of your choice (we will use “sqlpasswd”
for this example) and a database server running at port 3306.

3) Set up databases and privileges for "seafile"

Type
following:

[root@localhost /]# mysql -p

You
will be prompted to enter a password. Provide the password you have
set-up for maria-db server in step above. So for our example it will
be: sqlpasswd

Now
on mysql prompt type following commands one after one along with
semi-colon:

Now
we will create a user named "seafile" for mysql with a
password 'seafilepwd'. You must replace this password with one of
your own. To do so use the command below and change seafilepwd with a
password of your choice.

create user 'seafile'@'localhost' identified by 'seafilepwd';

Once
seafile user is created, we need to grant permissions to this user on
the three databases we created above. To do so, use the following one
by one on mysql command prompt:

GRANT ALL PRIVILEGES ON `ccnet-db`.* to `seafile`@localhost;
GRANT ALL PRIVILEGES ON `seafile-db`.* to `seafile`@localhost;
GRANT ALL PRIVILEGES ON `seahub-db`.* to `seafile`@localhost;

Finally
we will make sure that mariadb-server starts every-time the system is
started. To do this simply copy the command below:

[root@localhost /]# systemctl enable mariadb

4) Create directories to download and extract
seafile server:

Create
a directory called seafile:

[root@localhost /]# mkdir /opt/seafile

Now
change directory to the newly created path

[root@localhost /]# cd /opt/seafile

Download
the latest seafile-server relevant to your machine architecture (32
bit, 64 bit etc). As I am using a 32 bit laptop, I used the link
meant for that.

TIP: You can get the relevant link by first
opening the seafile site in firefox
(https://www.seafile.com/en/download/) and scrolling down all the way
to "Server" section. Then under linux section you will see
link for 64 bit and 32 bit versions. Right click on one you need and
click on "Copy Link Location". The copied text is what you
need to paste after wget in command below.

[root@localhost /]# wget https://bintray.com/artifact/

download/seafile-org/seafile/seafile-server_5.1.3_i386.tar.gz

Now
to extract the downloaded file, type following command.

[root@localhost /]# tar -xzf seafile-server_5.1.3_i386.tar.gz

TIP: If downloaded version is different, the
filename "seafile-server_5.1.3_i386.tar.gz" will be
different in the link you would have got from previous step. Use the
file name right at the end of the link you copied.

OK,
now we will create a directory named “installed” and move the
downloaded file in there.

5. Configure the seafile-server

Change
directory to seafile-server where the execution scripts are
residing.

[root@localhost seafile]# cd seafile-server-5.1.3

Now
run the execution script:

[root@localhost seafile-server-5.1.3]# ./setup-seafile-mysql.sh

Running
this script will initiate the seafile server set-up for mysql. You
will need to provide answers to some questions. I am providing those
below where you need to deviate from default or need to provide
specifc information:

Name
of the server.
Provide a servername like "my_seafile_cloud" or
"cloudy_lemon" ...you get the gist.

IP
or Domain of Server:

TIP: Now let's take a bit of time to understand
what should go here. For my usage I wanted to use dyndns so I can
access this server from outside of my home network. So I had to
configure my dyndns url to a port on my home router such that router
understood that incoming traffic to that particular port must be
transferred to this machine where the server is hosted.

Then on this machine, I have forwarded the
traffic coming to a specific port again to whichever server I want to
access thus having my uique URL for each service I am interested in.
I will go into in a bit more detail later but for now, just ensure
you are providing 1 the internal IP as well as dyndns IP along with
the port you have configured on you router to reach this machine in
particular where you are configuring the server.

So if internal IP of this machine is
192.168.1.24 and my dyndns url is banana.dyndns.com and I have
forwarded port 9994 on my router to this machine and on machine
incoming traffic to 9994 is forwarded to the port relevant to seahub
then I will provide following entries as answer to this question:

192.168.1.24:9994, banana.dyndns.com:9994

Choose
a way to initiatlise seafile databases:

Now
remember we have already done this in step 2. So for this question
we will need to give option 2. so just type 2 and press enter.

Host
of mysql server: Unless you changed this in step 2, leave it
as default (localhost)

Port
for mysql server: as above leave it default (3306) unless
you changed in Step 2.

User
for seafile: seafile

Password
for user "seafile": Use the password provided in
Step 3. "seafilepwd" is what we provided for this example.

Database
name for ccnet: ccnet-db

Database
name for seafile: seafile-db

Database
name for seahub: seahub-db

Once
this wizard has completed configuring, you will get a confirmation
that will tell you that seafile is now listening on port 8082 and
seahub on port 8000 unless you changed these while providing answers
to the wizard.

6. Add the user and provide right access

Use following commands to go up one directory, add a user
“seafile” and provide right privileges.

this as per your setup.
'HOST': '127.0.0.1',
'PORT': '3306'
}
}
FILE_SERVER_ROOT= 'https://banana.dyndns.com:9994/seafhttp' ####-----
---- Must change this as per your setup. Also note that here we have
provided the 9994 port - the one we used as port forward on router to
send traffic to this machine.
########################################################

10. Now create the safile and seahub services and
enable them so they run at system startup:

11. Start nginx service and enable to run at
system start

12. Fedora specific steps:

Now
at this point there were few final things specific to Fedora that
needed attention. I was ending up getting error 500 and what not and
after a bit of searching on duckduckgo, I tried steps listed in this
section that fixed the issue.

I
am not entirely sure what this does but what I understood is selinux
was not allowing some access between nginx and seafile which this
resolved. How? Well, you tell me :D.

I
had to install policycoreutils-python and setroubleshoot packages for
these commands to work, so I have included them in Step 1 anyway.

15. Finally, restart nginx:

If
you now type your URL (https://banana.dyndns.com:9994 from this
example) on a browser, you will be presented with login page where
you should use the admin login details you have created in Step 13
above.